<?php


namespace app\http\middleware;


class CrossDomain
{

    public function handle($request, \Closure $next)
    {
        $origin = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : '';

        $allowOrigin = array(
            "https://erp.huanhuanhuishou.com",
            "http://erp.huanhuanhuishou.com",
            "http://rebuild.home.test",
            "http://localhost:3000",//前端本地
            "http://localhost:8000",//前端本地
            "http://localhost:8080",//前端本地
            "http://rebuildhome.hhyp58.com",//后台
            "http://rebuildf.hhyp58.com",//h5
            "http://rebuildpc.hhyp58.com",//pc
            "http://rebuildb_home.hhyp66.com",
        );

//        if (in_array($origin, $allowOrigin)) {
        foreach ($allowOrigin as $k => $v) {
            header("Access-Control-Allow-Origin:" . $v);
        }

//        header("Access-Control-Allow-Origin:*");

        header("Access-Control-Allow-Credentials:true");
        header("Access-Control-Allow-Headers: Authorization, Sec-Fetch-Mode, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, If-Match, If-None-Match, If-Unmodified-Since, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Origin, Accept-Encoding");
        header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE');
        header('Access-Control-Max-Age: 1728000');
        header('jin: 199503142516');
        if (strtoupper($request->method()) == "OPTIONS") {
            return response();
        }

        return $next($request);
    }

}